package com.devin.service.config;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component("myAccessDeniedHandler")
public class MyAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
       //response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        System.out.println("=========AccessDeniedHandler===403 权限不足==========");
//        request.getRequestDispatcher("/403").forward(request,response);
//        response.sendRedirect("/403");
//        response.setStatus(403);
        /*因为是自己定义了AccessDeniedHandler,s所以必须要指定请求错误的状态码*/
        request.setAttribute("javax.servlet.error.status_code",403);
        request.getRequestDispatcher("/error").forward(request,response);
    }
}
